44296790d08517f51ccb621684b8783a150ba35cfe43431919c440ceed689963

Analysis

max time kernel
14s
max time network
142s
platform
windows10_x64
resource
win10v20201028
submitted
09-12-2020 23:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

seGqvEG2.exe
Size

24KB
MD5

9bd20abe669d4bc26b710deb92f3c974
SHA1

5d9715c2c56c650a1bb7622c2c1f6495f45ff829
SHA256

44296790d08517f51ccb621684b8783a150ba35cfe43431919c440ceed689963
SHA512

c0321476a5ee1ffe312a36dc2f68b6dfe9d42ba00e482bd69354ab46ebdaece594ad91c567ffc3d215e950799b8bfc3190c36c9bc96deed0de39eb3cb7eb3665

Score

1^/10

Malware Config

Signatures

Checks processor information in registry 2 TTPs 2 IoCs

Processor information is often read in order to detect sandboxing environments.

Query Registry

T1012

System Information Discovery

T1082

Processes:

seGqvEG2.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\SYSTEM\CENTRALPROCESSOR\0	seGqvEG2.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString	seGqvEG2.exe

C:\Users\Admin\AppData\Local\Temp\seGqvEG2.exe
"C:\Users\Admin\AppData\Local\Temp\seGqvEG2.exe"
1⤵
- Checks processor information in registry
PID:740

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix ATT&CK v6

Replay Monitor

Loading Replay Monitor...

Downloads